Cha-Cha-Cha-Changes with Tripwire Enterprise 7

Auditing software can help IT get a handle on unwanted modifications to server and network infrastructure.

The Upshot

Tripwire combines change auditing with configuration assessment to help IT maintain operational, regulatory and security compliance as well as reduce management costs and improve efficiency. Tripwire provides configuration assessment tests that map to defined industry standards, such as PCI, Center for Internet Security, Sarbanes-Oxley, COBIT and others.

Tripwire complements CMDBs because it can help keep the information stored in CMDBs relevant, especially in the data center. Tripwire both competes and integrates with systems from AlterPoint, BladeLogic, Opsware, Voyence and others. Midsize organizations may use Tripwire as a general-purpose change and configuration management system; in large enterprises it will play a more complementary role for change audits.

Tripwire provides significant configuration and compliance capabilities to organizations to help them manage and monitor infrastructure changes. The application is extremely flexible—meaning it could become complex if not managed correctly. Tripwire integrates with other CMDB systems and can be a valuable front-line data analysis tool for most any IT shop.

Tripwire Enterprise 7

Any good IT manager knows that unplanned change is a leading cause of network downtime, not to mention security and compliance problems. Tripwire Enterprise 7 is the most recent addition to the host of tools available to help IT drive change management—not the other way around..
Tripwire 7 detects all change across the network and server infrastructure. Unlike many rivals, it detects and analyzes changes to countless elements on both network and server environments. Examples we tested include registry settings, application configuration files on servers, databases table structure, and Cisco IOS changes.

Tripwire allows for the development of acceptance workflow and criteria and provides the ability to alert and take action if a change is detected. The product also has a number of prebuilt policy templates available for download that are a great way to jumpstart installation.

In addition to monitoring for changes, Tripwire can resolve potential issues by reconciling changes within its own application or calling external processes from other change- or patch-management tools. If the change was expected, you can promote the associated change version to the baseline. If an unexpected change is detected in a configuration file, you may be able to restore the configuration from the baseline, or opt to use your existing element manager, such as CiscoWorks, to update the device.

On the downside, Tripwire doesn't provide much guidance for IT to assess the severity of a change, which could mean a considerable amount of upfront work when configuring alarms. Tripwire may also duplicate some functions of other server and network management tools.

Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.